I have been on this for days and days, and am at the point that I have pulled out so many hairs that I now have just one hair left on my head. That hair is my last bit of pride. But seriously though, I have found dozens of answers but none seem to apply to my problem!
I have an e-mail form for a website I made. The site and form are made in Flash (AS3), the script for processing the e-mail is an external php file. The e-mail form works just fine, except for when I use certain characters:
% is not shown in the e-mail, including any text directly behind it
when a &, < or > is present, the form will say 'sending..' but not go beyond that point; I don't receive any e-mail.
All (or most at least) other characters like !##$^*_+-=~` are no problem.
I have already made sure both AS3 and php codes have
"MIME-Version: 1.0; Content-Type: text/html; charset=utf-8" is included in my sending if check in the php file;
the textfields in AS3 are set to htmlText instead of just text.
My scripts:
mail.php
if( $yourName == true ) {
$sender = $fromEmail;
$yourEmail = "myemail#example.com"; // Here i of course use my own email address
$ipAddress = $_SERVER['REMOTE_ADDR']; // This gets the user's ip Address
$emailMsg = "Van: $sender\r\n" .
"Name: $yourName\r" .
"Subject: $yourSubject\n\n" .
"$yourMsg\n\n\n\n" .
"------------------------------\r" .
"Sent from IP-address $ipAddress\r" .
"X-Mailer: PHP/" . phpversion();
# these are three (out of many) things I tried to work around the problem #
//$emailMsg = str_replace( '&', "&", $emailMsg );
//$emailMsg = htmlspecialchars($emailMsg, ENT_QUOTES);
//$emailMsg = mysql_real_escape_string($emailMsg);
$return = "From: $sender\r\n";
if( mail($yourEmail, "$yourSubject", $emailMsg, $return, "MIME-Version: 1.0; Content-Type: text/html; charset=utf-8")) {
echo "sentStatus=yes";
}
else {
echo "sentStatus=no";
}
}
?>
FormScript.as
package {
/*required imports*/
public class FormScript extends Sprite {
/*here are the variable declarations*/
public function FormScript() {
sendbtn.buttonMode = true;
sendbtn.addEventListener(MouseEvent.CLICK, submit);
resetbtn.buttonMode = true;
resetbtn.addEventListener(MouseEvent.CLICK, reset);
urlRequest.method = URLRequestMethod.POST;
/*here are are some positionings and addchilds*/
function init():void {
//Set all fields to empty
yourName.htmlText = "";
fromEmail.htmlText = "";
yourSubject.htmlText = "";
yourMsg.htmlText = "";
valid.text = "";
}
function submit(e:MouseEvent):void {
//Check to see if any of the fields are empty
if(yourName.htmlText == "" || fromEmail.htmlText == "" ||
yourSubject.htmlText == "" ||yourMsg.htmlText == "" ) {
valid.text = "All fields must be filled in";
}//Check if you're using a valid email address
else if(!checkEmail(fromEmail.htmlText)) {
valid.text = "Please enter a valid e-mail address";
}
else {
valid.text = "Sending..";
var emailData:String =
"name=" + yourName.htmlText +
"&from=" + fromEmail.htmlText +
"&subject=" + yourSubject.htmlText +
"&msg=" + yourMsg.htmlText;
var urlVars:URLVariables = new URLVariables(emailData);
urlVars.dataFormat = URLLoaderDataFormat.TEXT;
urlRequest.data = urlVars; varLoad.load( urlRequest );
varLoad.addEventListener(Event.COMPLETE, thankYou );
}
}
function reset(e:MouseEvent):void {
init(); //call the initial clear function
}
function checkEmail(s:String):Boolean {
//yourMsg.text = escape("&");
//This tests for correct email address
var p:RegExp = /(\w|[_.\-])+#((\w|-)+\.)+\w{2,4}+/;
var r:Object = p.exec(s);
if( r == null ) {
return false;
}
return true;
}
function thankYou(e:Event):void {
var loader:URLLoader = URLLoader(e.target);
var sent = new URLVariables(loader.data).sentStatus;
//valid.text = sent;
if( sent == "yes" ) {
valid.text = "Thank you for your e-mail!"; timer = new Timer(500);
timer.addEventListener(TimerEvent.TIMER, msgSent);
timer.start();
}
else {
valid.text = "Something went wrong, please try again";
}
}
function msgSent(te:TimerEvent):void {
if(timer.currentCount >= 10) {
init();
timer.removeEventListener(TimerEvent.TIMER, msgSent);
}
}
}
}
}
Keywords:ampersand special characters symbols less-than less than greater-than greater than please don't edit this, it's for others to find this question because you can't search for an '&' and such.
The most obvious culprit here is messy way you're creating the emailData string. As a first step I'd recommend reformatting it to the following:
var urlVars:URLVariables = new URLVariables();
urlVars.name = yourName.htmlText;
urlVars.from = fromEmail.htmlText;
urlVars.subject = yourSubject.htmlText;
urlVars.msg = yourMsg.htmlText;
I think this will automatically URI encode the values, but if not, use encodeURI() as suggested by Mark Knol.
Within Flash, the values need to be encoded, otherwise the querystring could be corrupted.
var emailData:String =
"name=" + encodeURI(yourName.htmlText) +
"&from=" + encodeURI(fromEmail.htmlText) +
"&subject=" + encodeURI(yourSubject.htmlText) +
"&msg=" + encodeURI(yourMsg.htmlText);
Try to use
$emailMsg = utf8_decode($emailMsg);
I decode all my strings I get from Flash.
If this doesn't help, use
$emailMsg = urldecode($emailMsg);
Or both :D
Related
I am having trouble with a form, when the user mail is not inserted, it always return the error message "Invalid address: email". I understand $reg_email variable is being used in other functions to send the mail to the user, so I realize I must write a condition that says that when the reg_email variable is empty, it must return a value that wont cause that error. But I dont know how to translate that logic to PHP. What should I do?
<?php
ini_set('display_errors', 1);
session_start();
if($_SESSION['input_flag']) {
unset($_SESSION['input_flag']);
}else{
header('location: /');
}
$path = realpath(dirname(__FILE__) . '') . "/../";
include_once($path.'app_config.php');
include($path.'libs/meta.php');
//設定
require('./jphpmailer.php');
$script = "index.php";
$gtime = time();
$reg_name = isset($_POST['f_name']) ? htmlspecialchars($_POST['f_name']): "";
if (isset($_POST['f_company']) && !empty($_POST['f_company'])) {
$f_company .= "■会社名"."\r\n" . $_POST['f_company'];
}
$f_adress = isset($_POST['f_adress']) ? htmlspecialchars($_POST['f_adress']): "";
$f_select = '';
if (!empty($_POST['select'])) {
foreach ($_POST['select'] as $key => $value) {
$f_select .= "設置されている消防設備"."\r\n" . $_POST['f_select'];
}
}
$f_tel = isset($_POST['f_tel']) ? htmlspecialchars($_POST['f_tel']): "";
// $reg_email = isset($_POST['f_mail']) ? htmlspecialchars($_POST['f_mail']): "";
if (isset($_POST['f_mail']) || !empty($_POST['f_mail'])) {
$reg_email .= "email"."\r\n" . $_POST['f_mail'];
}
$f_select2 = '';
foreach ($_POST['select2'] as $key => $value) {
$f_select2 .= $value."\r\n";
}
$f_request = isset($_POST['f_request']) ? htmlspecialchars($_POST['f_request']): "";
$aMailto = array(
"xxxxxx"
);
$from = "xxxxxx";
$fromname = '';
$subject1 = 'test';
$subject = 'test';
$entry_time = gmdate("Y/m/d H:i:s",time()+9*3600);
$entry_host = gethostbyaddr(getenv("REMOTE_ADDR"));
$entry_ua = getenv("HTTP_USER_AGENT");
$msgBody = "";
$msgBody .= "
■お名前
$reg_name
$f_company
■建物の所在地
$f_adress
$f_select
■お電話番号
$f_tel
$reg_email
■ご希望の連絡方法
$f_select2
■お問い合わせ内容
$f_request
";
//お問い合わせメッセージ送信
$subject = "ホームページからお問い合わせがありました";
$body = "
登録日時:$entry_time
ホスト名:$entry_host
ブラウザ:$entry_ua
ホームページからお問い合わせがありました。
$msgBody
";
//Message for the user
$subject1 = "お問い合わせありがとうございました";
$body1 = "
$reg_name 様
$msgBody
";
// メール送信
mb_language("ja");
mb_internal_encoding("UTF-8");
$fromname = "";
//お客様受け取りメール送信
$email1 = new JPHPmailer();
$email1->addTo($reg_email);
$email1->setFrom($from,$fromname);
$email1->setSubject($subject1);
$email1->setBody($body1);
//if($email1->send()) {};
//Anti spam advanced version 2 start: Don't send blank emails
if( $reg_name <> "" && $reg_email <> "" ) {
//Anti spam advanced version 1 start: The preg_match() is there to make sure spammers can’t abuse your server by injecting extra fields (such as CC and BCC) into the header.
if( $reg_email && !preg_match( "/[\r\n]/", $reg_email) ) {
//Anti spam part1: the contact form start
if($reg_url == ""){
// then send the form to your email
if($email1->Send()) {};
} // otherwise, let the spammer think that they got their message through
//Anti spam part1: the contact form end
}//Anti spam advanced version 1 end
}//Anti spam advanced version 2 end: Don't send blank emails
//メール送信
$email = new JPHPmailer();
for($i = 0; $i < count($aMailto); $i++)
{
$email->addTo($aMailto[$i]);
}
$email->setFrom($reg_email, $reg_name."様");
$email->setSubject($subject);
$email->setBody($body);
//if($email->Send()) {};
//Anti spam advanced version 2 start: Don't send blank emails
if( $reg_name <> "" && $reg_email <> "" ) {
//Anti spam part1: the contact form start
if($reg_url == ""){
// then send the form to your email
if($email->Send()) {};
} // otherwise, let the spammer think that they got their message through
//Anti spam part1: the contact form end
}//Anti spam advanced version 2 end: Don't send blank emails
?>
It's because you're doing this:
$reg_email .= "email"."\r\n" . $_POST['f_mail'];
the word email, followed by a line break, followed by an email address is not itself a valid email address, so will be rejected with the error you're seeing. You're also appending to a variable that has not yet been defined. Do this instead:
$reg_email = $_POST['f_mail'];
I'm also puzzled by this:
$email->addTo($aMailto[$i]);
PHPMailer uses addAddress, not addTo, so unless that's a new method or alias in your JPHPmailer subclass, it's wrong.
Also, don't do this:
$email->setFrom($reg_email, $reg_name."様");
This is forgery and will result in your message being bounced or spam filtered by recipients. Do this instead:
$email->setFrom('myemail#example.com', $reg_name."様");
$email->addReplyTo($reg_email, $reg_name."様");
That is, send from your own address and use the submitter's address as a reply-to.
I am using a simple contact form: http://luiszuno.com/previews/formy/
and the issue is that whenever the character "&" is typed on the form the rest of the message after "&" is not received on the email. Edit: Added the code, form works correctly other than the missing data issue. What could be causing this issue?
jQuery(document).ready(function($) {
$("#formy").on( "submit", function( event ) {
$(this).serialize();
});
// Hide messages
$("#formy-success").hide();
$("#formy-error").hide();
$("input,textarea").blur(function(){
$(this).css("border-color","#596a87");
});
// on submit...
$("#formy #submit").click(function() {
$(this).serialize();
// Required fields:
//name
var name = $("#name").val();
if(name == "" || name == "Name *"){
$("#name").focus();
$("#formy-error").fadeIn().text("Name required");
$("#name").css("border-color","#a22528");
return false;
}
else {$("#name").css("border-color","#596a87");}
// email
var email = $("#email").val();
if(email == "" || email == "Email *"){
$("#email").focus();
$("#formy-error").fadeIn().text("Email required");
$("#email").css("border-color","#a22528");
return false;
}
else {$("#email").css("border-color","#596a87");}
// email validation
function validateEmail(email) {
var filter = /^([a-zA-Z0-9_.+-])+\#(([a-zA-Z0-9-])+\.)+([a-zA-Z0-9]{2,4})+$/;
return filter.test(email);
}
if (!validateEmail(email)) {
$("#formy-error").fadeIn().text("Invalid email address");
$("#email").css("border-color","#a22528");
return false;
}
//budget
var budget = $("#budget").val();
if(budget == "" || budget == "Budget"){
return false;
}
// comments
var comments = $("#comments").val();
if(comments == "" || comments == "Message *"){
$("#comments").focus();
$("#formy-error").fadeIn().text("Message required");
$("#comments").css("border-color","#a22528");
return false;
}
else {$("#comments").css("border-color","#596a87");}
// send mail php
var sendMailUrl = $("#sendMailUrl").val();
// Retrieve values for to, from & subject at the form
var to = $("#to").val();
var from = $("#from").val();
var subject = $("#subject").val();
// Create the data string
var dataString = 'name=' + name
+ '&email=' + email
+ '&comments=' + comments
+ '&to=' + to
+ '&from=' + from
+ '&budget=' + budget
+ '&subject=' + subject;
// ajax
$.ajax({
type:"POST",
url: sendMailUrl,
data: dataString,
success: success()
});
});
// On success...
function success(){
$("#formy-success").fadeIn(250).text("Thanks, I will contact you soon!");
$("#formy-error").hide();
$("#formy fieldset").slideUp(250);
}
return false;
});
send-mail.php
<?php header("Content-Type: text/html; charset=utf-8");
//vars
$subject = $_POST['subject'];
$to = explode(',', $_POST['to'] );
$from = $_POST['email'];
//data
$msg = "NAME: " .$_POST['name'] ."<br>\n";
$msg .= "EMAIL: " .$_POST['email'] ."<br>\n";
$msg .= "BUDGET: " .$_POST['budget'] ."<br>\n";
$msg .= "COMMENTS: " .$_POST['comments'] ."<br>\n";
//Headers
$headers = "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=UTF-8\r\n";
$headers .= "From: <".$from. ">" ;
//send for each mail
foreach($to as $mail){
mail($mail, $subject, $msg, $headers);
}
?>
Your problem is that you are building your data string manually and not URI-encoding the data values you insert into the string. Therefore any raw & character in your text will be assumed to be part of the URI and not the data, meaning that it will be interpreted as indicating the start of the next parameter, rather than just a character in the text. URI-encoding this data will convert this and other special characters into their encoded equivalents, so they will not be mis-interpreted.
Now, you can certainly fix this by wrapping every field variable with encodeURIComponent(), but this is verbose and tedious:
var dataString = 'name=' + encodeURIComponent(name)
+ '&email=' + encodeURIComponent(email)
+ '&comments=' + encodeURIComponent(comments)
+ '&to=' + encodeURIComponent(to)
+ '&from=' + encodeURIComponent(from)
+ '&budget=' + encodeURIComponent(budget)
+ '&subject=' + encodeURIComponent(subject);
There are better ways:
Currently, your $(this).serialize(); will not work because this represents the clicked button, not the form. However if you point it at the form, you can use it to easily serialise the fields within it automatically, and jQuery will handle any encoding issues on your behalf. This saves on manual encoding, and on code to fetch each field value individually (although I note you currently need this for your validation, although there are other ways to implement validation which would remove that need, but that's another topic entirely).
$.ajax({
type:"POST",
url: sendMailUrl,
data: $("#formy").serialize(),
success: success //Unrelated: I also removed the brackets here, so it becomes a _reference_ to the "success" function - writing success() as you did means the function is immediately executed, and what gets passed to jQuery is the _result_ of the function, which isn't what you want in this case
});
As you can see this is much less hassle. And if you ever add more fields to your form in future, you won't have to change this bit of code at all.
Another side point - you're going to a lot of trouble to validate the form input using JavaScript. This is nice and user-friendly, but it provides no security whatsoever. On the server side you appear to be happily inserting whatever values the browser sends directly into your email. Any user with a small amount of knowledge can either modify your JavaScript with their developer tools, or turn off JS, or just use another tool entirely (e.g. PostMan, or a custom application) to fire HTTP requests at your server without ever touching your form. They could potentially send problematic values which might screw up your email - e.g. a different "from" value, or some nasty HTML, or if you're interacting with a database anywhere in your application, carry out SQL Injection attacks to mess that up. You should always validate all incoming data in your PHP code for security issues, and to ensure it meets your business rules, before using it for anything else.
Using the encodeURIComponent() as #ADyson recommended fixed the missing data/urls from received email when using the contact form.
var comments = $("#comments").val();
var e_comments = encodeURIComponent(comments);
I have built a fairly basic mailer that uses PEAR Mail and sends emails through Amazon SES to a relatively small (<100), list of people.
My JavaScript looks like this:
$('#mailer_final_form').on('submit',function(e){
e.preventDefault();
$('#forms_wrap').slideUp();
$('#sender').slideDown();
var url = "/mailer?action=send";
var totalEmailrec = $('.email-recipients').length;
var totalEmailrecp = totalEmailrec+1;
$('#total_togo').html(totalEmailrec);
var totalSent = 1;
$('.email-recipients').each(function(){
var thisRecipient = $(this).val();
$.ajax({
type: "POST",
url: url,
data: $('#mailer_final_form').serialize()+'&recipient='+thisRecipient,
success: function(data)
{
$('#total_sent').html(totalSent++);
$('#return_values').append(data);
if (totalSent==totalEmailrecp) {
$('#loader_image').fadeOut();
$('#return_values').append('<br><b>Finished!</b>');
}
}
});
});
});
Unfortunately, sometimes the mailer crashes and it doesn't tell me why, this is my PHP:
if ($_GET['action']=="send") {
set_include_path('/opt/cpanel/ea-php56/root/usr/share/pear');
$mailer_from = $_POST['sender'];
$mailer_subject = $_POST['email_subject'];
$mailer_body = $_POST['email_body'];
$salutation_type = $_POST['salutation_type'];
$recipient = $_POST['recipient'];
$recipient = explode('||',$recipient);
$recipient_name = trim($recipient[0]);
$recipient_email = trim($recipient[1]);
if (filter_var($recipient_email, FILTER_VALIDATE_EMAIL)) {
define('USERNAME','my_ses_id');
define('PASSWORD','my_ses_pw');
define('HOST', 'email-smtp.us-west-2.amazonaws.com');
define('PORT', '587');
require_once 'Mail.php';
define('SENDER', "$mailer_from");
if (strpos($recipient_name, '#') !== false) {
define('RECIPIENT', "$recipient_email");
} else {
define('RECIPIENT', "$recipient_name <$recipient_email>");
}
define('SUBJECT', "$mailer_subject");
switch ($salutation_type) {
case 1: // dear ***
if (strpos($recipient_name, '#') !== false) {
$salutation = "Dear recipient,<br><br>";
} else {
$salutation = "Dear $recipient_name,<br><br>";
}
break;
case 2: // no salutation
$salutation = "";
break;
}
define('BODY',"
<html>
<head>
<title>$mailer_subject</title>
</head>
<body style='background:#eee;padding:40px;width:100%;'>
$mailer_template_header
$salutation
$mailer_body
$mailer_template_footer
</body>
</html>");
$headers = array ('MIME-Version'=>'1.0','Content-type'=>'text/html;charset=UTF-8','From' => SENDER,'To' => RECIPIENT,'Subject' => SUBJECT);
$smtpParams = array ('debug' => false,'host' => HOST,'port' => PORT,'auth' => true,'username' => USERNAME, 'password' => PASSWORD);
$mail = Mail::factory('smtp', $smtpParams);
$mail->send(RECIPIENT, $headers, BODY);
if (PEAR::isError($mail)) { "<span class='emails-sent'>$recipient_name ($recipient_email) -".$mail->getMessage()."</span><br>"; } else {
echo "<span class='emails-sent'>$recipient_name ($recipient_email) - OK</span><br>";
}
} else { echo "<span class='emails-sent'>$recipient_name ($recipient_email) - INVALID EMAIL ADDRESS / NOT SENT</span><br>"; }
}
What I would like to do, is somehow prevent the mailer from crashing, and set some kind of timeout to skip any email attempts that don't want to work (or at least get the correct error showing as to why that one is failing).
I have tried tirelessly to do this with jQuery's setInterval and various timer loops, but this appears not to want to work within the primary each loop (executing mail AJAX call for each email address).
Could anyone kindly suggest a way (preferably with jQuery), to skip an email address with an "xyz failed due to a timeout" message on that particular address? Or perhaps show me within my PHP how I can time out with the same error being returned to the mailer's interface?
I made a flash website with a contact form, which works perfectly in FireFox, IE and Chrome on my pc. However, in Safari I can't seem to type in any textfield; and on Android, I sowehow can only type capital letters (basically capslock is on and it won't let me change to lower case).
I'm suspecting the problem lies entirely within Flash, since sending an email does work just fine. Searching here or on Google doesn't get me to anything related.
Any tips?
Here is my code:
FormScript.as (this is an external .as file called from my main .as file)
//***All imports, vars, etc***
function submit(e:MouseEvent):void {
//Check to see if any of the fields are empty
if(yourName.text == "" || fromEmail.text == "" ||
yourSubject.text == "" ||yourMsg.text == "" ) {
valid.text = "All fields must be filled";
}
//Check if you're using a valid email address
else if(!checkEmail(fromEmail.text)) {
valid.text = "Please fill in an existing email";
}
else {
valid.text = "Verzenden..";
var emailData:String =
"name=" + yourName.text +
"&from=" + fromEmail.text +
"&subject=" + yourSubject.text +
"&msg=" + yourMsg.text;
var urlVars:URLVariables = new URLVariables(emailData);
urlVars.dataFormat = URLLoaderDataFormat.TEXT;
urlRequest.data = urlVars; varLoad.load( urlRequest );
varLoad.addEventListener(Event.COMPLETE, thankYou );
}
}
function reset(e:MouseEvent):void {
init(); //call the initial clear function
}
function checkEmail(s:String):Boolean {
//This tests for correct email address
var p:RegExp = /(\w|[_.\-])+#((\w|-)+\.)+\w{2,4}+/;
var r:Object = p.exec(s);
if( r == null ) {
return false;
}
return true;
}
function thankYou(e:Event):void {
var loader:URLLoader = URLLoader(e.target);
var sent = new URLVariables(loader.data).sentStatus;
if( sent == "yes" ) {
valid.text = "Thanks for your email!"; timer = new Timer(500);
timer.addEventListener(TimerEvent.TIMER, msgSent);
timer.start();
}
else {
valid.text = "Something went wrong, please try again";
}
}
function msgSent(te:TimerEvent):void {
if(timer.currentCount >= 10) {
init();
timer.removeEventListener(TimerEvent.TIMER, msgSent);
}
PHP file for mail processing:
<?php
$yourName = $_POST['name'];
$fromEmail = $_POST['from'];
$yourSubject = $_POST['subject'];
$yourMsg = $_POST['msg'];
if( $yourName == true ) {
$sender = $fromEmail;
$yourEmail ="myemailaddress#example.com"; // Naturally I put in my own email address here :)
$ipAddress = $_SERVER['REMOTE_ADDR']; // This gets the user's ip Address
$emailMsg = "Van: $sender\r\n" .
"Naam: $yourName\r" .
"Subject: my site - $yourSubject\n\n" .
"$yourMsg\n\n\n\n" .
"------------------------------\r" .
"Verstuurd vanaf IP-adres $ipAddress\r" .
"X-Mailer: PHP/" . phpversion();
$return = "From: $sender\r\n";
if( mail( $yourEmail, "$yourSubject", $emailMsg, $return)) {
echo "sentStatus=yes";
}
else {
echo "sentStatus=no";
}
}
?>
EDIT:
I have managed to resolve the Android issue on this. Safari still won't let me type.
I changed the title - Original question: "Flash form on Android lets me type only capital letters/CAPS, safari won't let me type at all"
The part that probably did the trick for Android was setting the textfields to be for .htmlText instead of .text in the AS3 code.
The only thing I would suggest, is to see if you need to update your Flash version. I have seen an issue before where I couldn't type in Firefox and updating Flash resolved it.
Is there any better way to stop spam coming through on my phpmailer script?
Also how would I go about adding formatting to this so its more readable when it gets sent through to email e.g. break lines
I hope my php syntax is correct - as i do not understand PHP.
<?php
# bool has_injection (String $var, [String $var, ...])
function has_injection () {
$values = func_get_args();
for ($i=0, $count=func_num_args(); $i<$count; $i++) {
if ( stristr($values[$i], "%0A") || stristr($values[$i], "%0D") || stristr($values[$i], "\\r") || stristr($values[$i], "\\n")
|| stristr($values[$i], "Bcc") || stristr($values[$i], "Content-Type") ) {
return true;
}
}
return false;
}
$error = '';
if (isset($_POST) && count($_POST)>0) {
# The form has been submitted
$course_title = $_POST['course_title'];
$course_date = $_POST['course_date'];
$course_code = $_POST['course_code'];
$course_fee = $_POST['course_fee'];
$break .= "\n";
$qual_subject_level = $_POST['qual_subject_level'];
$break .= "\n";
$email = $_POST['email'];
if ($name && $email && $subject) {
if (has_injection($name, $email, $subject)) {
# You've got another spammer at work here
$error = 'No spamming';
exit(0);
}
else {
# It's safe to send the message
mail('my#gmail.com',
$subject,
$course_title,
$course_code,
$course_fee,
$break,
$qual_subject_level,
$break,
$subject,
"From: $name <$email>");
}
}
else {
$error = 'Please fill in all the forms';
}
}
?>
One i use is have a text area and use your .css file to display:none it most bots dont read the css and thus think that the text box is shown and if it has content in it it's a bot if it does not then send your email.
E.G CSS
.antiBot{display:none};
HTML
<input type="text" class="antiBot" name="antibot" value="" />
PHP
<?php
if($_REQUEST['antibot'] == ""){
// send your email
}else{
// bot using your system
}
?>
How ever change the name or bot will get be able to notice its a trap and will get around it with little work insted of having to parse the CSS file for your site
So in your case just rap the if above around your code as for formatting of an email if its plain text use dubble quotes and \n (newline) but it wont work in single quotes.